3365 matches found
UBUNTU-CVE-2023-1787
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...
CVE-2023-1787
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...
GitLab Security Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (Continuous Integration and Continuous Delivery), and other features. A security vulnerability exists in GitLab that stems from a search timeout tha...
PT-2023-17245 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 15.9 through 15.9.3; GitLab versions 15.10 through 15.10.0. Description: An issue has been discovered in GitLab where a search timeout could be triggered if a specific HTML payload was used in the issue description...
CVE-2023-1787
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML payload was used in the issue description...
CVE-2023-1787
GitLab CVE-2023-1787 affects GitLab versions 15.9 before 15.9.4 and 15.10 before 15.10.1. The issue arises from a crafted HTML payload in an issue description that triggers a search timeout, a potential denial-of-service condition with availability impact. There are no exploit details in the prov...
CVE-2023-1787
Removed by vendor...
GitLab 15.9 < 15.9.4 / 15.10 < 15.10.1 (CVE-2023-1787)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. A search timeout could be triggered if a specific HTML...
CVE-2023-29139
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. When a user with checkuserlog permissions makes many CheckUserLog API requests in some configurations, denial of service can occur (RequestTimeoutException or upstream request timeout)...
FreeBSD : Gitlab -- Multiple Vulnerabilities (54006796-cf7b-11ed-a5d5-001b217b3468)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 54006796-cf7b-11ed-a5d5-001b217b3468 advisory. - Gitlab reports: Cross-site scripting in "Maximum page reached" page; Private project guests can...
Gitlab -- Multiple Vulnerabilities
Gitlab reports: Cross-site scripting in "Maximum page reached" page; Private project guests can read new changes using a fork; Mirror repository error reveals password in Settings UI; DOS and high resource consumption of Prometheus server through abuse of Prometheus integration proxy endpoint...
The vulnerability of the memcached data caching service provided by the libmemcached-awesome library allows a hacker to gain unauthorized access to protected information.
The vulnerability of the memcached data caching service provided by the libmemcached-awesome library is related to insufficient protection of operational data when processing the POLLTIMEOUT parameter, which controls the wait time for requests. Exploiting this vulnerability can allow an attacker ...
Waf-Bypass - Check Your WAF Before An Attacker Does
WAF bypass Tool is an open source tool to analyze the security of any WAF for False Positives and False Negatives using predefined and customizable payloads. Check your WAF before an attacker does. WAF Bypass Tool is developed by the Nemesida WAF team with the participation of the community. How to run I...
CVE-2022-33244
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout...
Authentication flaw
Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout...
SUSE CVE-2023-27478
libmemcached-awesome is an open source C/C++ client library and tools for the memcached server. libmemcached could return data for a previously requested key, if that previous request timed out due to a low POLLTIMEOUT. This issue has been addressed in version 1.1.4. Users are advised to upgrade...
PT-2025-37532
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the Universal Serial Bus (USB) subsystem, specifically within the ucsi acpi component. A command completion timeout was initially increased to ...
protobuf-java: timeout in parser leads to DoS
A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields cause objects to be converted...
AZL-34932 CVE-2023-27478 affecting package libmemcached-awesome for versions less than 1.1.4-1
libmemcached-awesome is an open source C/C++ client library and tools for the memcached server. libmemcached could return data for a previously requested key, if that previous request timed out due to a low POLLTIMEOUT. This issue has been addressed in version 1.1.4. Users are advised to upgrade...
DEBIAN-CVE-2023-27478
libmemcached-awesome is an open source C/C++ client library and tools for the memcached server. libmemcached could return data for a previously requested key, if that previous request timed out due to a low POLLTIMEOUT. This issue has been addressed in version 1.1.4. Users are advised to upgrade...